diff options
| -rw-r--r-- | deployment/systems/aisaka.scm | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/deployment/systems/aisaka.scm b/deployment/systems/aisaka.scm index 9d3bf74..e135196 100644 --- a/deployment/systems/aisaka.scm +++ b/deployment/systems/aisaka.scm @@ -426,6 +426,22 @@ (ssl-certificate-key "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem") (raw-content (list "ssl_client_certificate /home/marek/CA/root_certificate.pem;" "ssl_verify_client on;"))) + ;; Schron + (gnu:services:web:nginx-server-configuration + (locations (list (gnu:services:web:nginx-location-configuration + (body (list "proxy_set_header Host $host;" + "proxy_set_header X-Real-IP $remote_addr;" + "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;" + "proxy_set_header X-Forwarded-Proto $scheme;" + "if ($ssl_client_verify != SUCCESS) {return 403;}")) + (uri "/")))) + (listen (list "192.168.10.2:443 ssl")) + (root "/home/marek/Publiczne/test") + (server-name (list "schron.marekpasnikowski.pl")) + (ssl-certificate "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem") + (ssl-certificate-key "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem") + (raw-content (list "ssl_client_certificate /home/marek/CA/root_certificate.pem;" + "ssl_verify_client on;"))) ;; Radicale ((@ (gnu services web) nginx-server-configuration) (locations |